﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;

public partial class upload : System.Web.UI.Page
{
    string Cname;

    protected void Page_Load(object sender, EventArgs e)
    {
        Cname = Request.QueryString["Cname"];
        Label1.Text = Cname;
    }
    protected void Button1_Click(object sender, EventArgs e)
    {
        bool fileOK = false;
        string path = Server.MapPath("~/document/");
        if (FileUpload1.HasFile)
        {
            string fileExtension = System.IO.Path.GetExtension(FileUpload1.FileName).ToLower();
            string[] allowedExtensions = { ".txt", ".doc", ".docx", ".xls", ".ppt", ".pdf" };

            for (int i = 0; i < allowedExtensions.Length; i++)
            {
                if (fileExtension == allowedExtensions[i])
                {
                    fileOK = true;
                }
            }
        }
        if (fileOK)
        {
            try
            {
                FileUpload1.SaveAs(path + FileUpload1.FileName);
                Label2.Text = "文件上传成功！";
                Label3.Text = "<b>源文件路径：</b>" + FileUpload1.PostedFile.FileName + "<br/>" + "<b>文件大小:</b>" + FileUpload1.PostedFile.ContentLength + "字节<br/>" + "<b>文件类型:</b>" + FileUpload1.PostedFile.ContentType + "<br/>";
            }
            catch (Exception ex)
            {
                Label2.Text = "文件上传不成功！";
            }
        }
        else
            Label2.Text = "文件格式不支持！";

        //////////////////数据库部分
        string id = Session["id"].ToString();
        string Cno = Request.QueryString["Cno"];
        string temp = FileUpload1.FileName;
        string conn = "Data Source= . ;Initial Catalog=XSXK; User ID=sa; pwd=123";
        SqlConnection connection = new SqlConnection(conn);
        try
        {
            connection.Open();
            SqlCommand comm = new SqlCommand();
            comm.Connection = connection;

            string str_sql = " insert into Document(Tno,Cno,filename) values('"+id+"', '"+Cno+"', '"+temp+"') ";
            comm.CommandText = str_sql;
            comm.ExecuteNonQuery();
        }
        catch (SqlException ex)
        {
            Response.Write(ex.Message);
        }

        finally
        {
            connection.Close();//关闭数据库连接
        }
    }
}